New Google Cloud Platform Compliance Plugin and Audits

Summary

Customers utilizing Google Cloud Platform can now assess the compliance of their Google Cloud Platform environments, including Google Kubernetes Engine (GKE) deployments in Google Cloud Platform.

This release includes audit content for the following benchmarks:

CIS Google Cloud Platform Foundation Benchmark v1.2.0

This security configuration benchmark covers foundational elements of Google Cloud Platform. The recommendations detailed here are important security considerations when designing your infrastructure on Google Cloud Platform. Most of the recommendations provided with this release of the benchmark covers security considerations only at individual Project level and not at the organization level.

Audit Files:

- CIS_Google_Cloud_Platform_v1.2.0_L1.audit

- CIS_Google_Cloud_Platform_v1.2.0_L2.audit

CIS Google Kubernetes Engine (GKE) Benchmark v1.1.0

This document provides prescriptive guidance for running Google Kubernetes Engine (GKE) v1.15 following recommended security controls. This benchmark only includes controls which can be modified by an end user of GKE. For information on GKE's performance against the Kubernetes CIS benchmarks, for items which cannot be audited or modified, see the GKE documentation at https://cloud.google.com/kubernetes-engine/docs/concepts/cis-benchmarks.

For the latest GKE hardening guide, see g.co/gke/hardening.

Audit Files:

- CIS_Google_Kubernetes_Engine_GKE_v1.1.0_L1_Master.audit

- CIS_Google_Kubernetes_Engine_GKE_v1.1.0_L2_Master.audit

- CIS_Google_Kubernetes_Engine_GKE_v1.1.0_L1_Worker.audit (Unix Plugin)

- CIS_Google_Kubernetes_Engine_GKE_v1.1.0_L2_Worker.audit (Unix Plugin)

Target Release Date

August 9, 2021